부산대학교 도서관

The healthcare industry's adoption of electronic healthcare records (EHR) has recently increased the ease and speed of record sharing among patients, doctors, and hospital authorities. This shift has also enhanced the quality of care provided to patients. However, as the eHealthcare ecosystem deals with sensitive healthcare data, it is prone to security risks - as more users access sensitive healthcare information, the chances of data leakage increase proportionately. Therefore, efficient access control mechanisms need to be in place to ensure the privacy of EHRs. Access Control aims to ensure that authorized users can access the resources and that unauthorized users are prevented from doing so. In this paper, we propose an access control mechanism using ABAC to ensure healthcare data privacy and prevent its misuse. We use the XACML reference architecture for ABAC and try to improve the speed of policy evaluation by introducing a novel component called the Request Denial Cache. This component stores all the denied requests and saves time by eliminating the need to reprocess them in the future.